From cf0c1c1f5fb0792bbfa1b42afbfeaf622b82b54f Mon Sep 17 00:00:00 2001 From: Odinmylord Date: Wed, 22 Mar 2023 23:14:56 +0100 Subject: [PATCH] Added more details to the SignatureAlgorithms --- testssl.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/testssl.sh b/testssl.sh index b739044..57527eb 100755 --- a/testssl.sh +++ b/testssl.sh @@ -10380,7 +10380,7 @@ run_fs() { local -a ffdhe_groups_output=("ffdhe2048" "ffdhe3072" "ffdhe4096" "ffdhe6144" "ffdhe8192") local -a supported_curve local -a sigalgs_hex=("01,01" "01,02" "01,03" "02,01" "02,02" "02,03" "03,01" "03,02" "03,03" "04,01" "04,02" "04,03" "04,20" "05,01" "05,02" "05,03" "05,20" "06,01" "06,02" "06,03" "06,20" "07,08" "08,04" "08,05" "08,06" "08,07" "08,08" "08,09" "08,0a" "08,0b" "08,1a" "08,1b" "08,1c") - local -a sigalgs_strings=("RSA+MD5" "DSA+MD5" "ECDSA+MD5" "RSA+SHA1" "DSA+SHA1" "ECDSA+SHA1" "RSA+SHA224" "DSA+SHA224" "ECDSA+SHA224" "RSA+SHA256" "DSA+SHA256" "ECDSA+SHA256" "RSA+SHA256" "RSA+SHA384" "DSA+SHA384" "ECDSA+SHA384" "RSA+SHA384" "RSA+SHA512" "DSA+SHA512" "ECDSA+SHA512" "RSA+SHA512" "SM2+SM3" "RSA-PSS+SHA256" "RSA-PSS+SHA384" "RSA-PSS+SHA512" "Ed25519" "Ed448" "RSA-PSS+SHA256" "RSA-PSS+SHA384" "RSA-PSS+SHA512" "ECDSA+SHA256" "ECDSA+SHA384" "ECDSA+SHA512") + local -a sigalgs_strings=("RSA+MD5" "DSA+MD5" "ECDSA+MD5" "RSA+SHA1" "DSA+SHA1" "ECDSA+SHA1" "RSA+SHA224" "DSA+SHA224" "ECDSA+SHA224" "RSA+SHA256" "DSA+SHA256" "ECDSA+SHA256" "RSA+SHA256" "RSA+SHA384" "DSA+SHA384" "ECDSA+SHA384" "RSA+SHA384" "RSA+SHA512" "DSA+SHA512" "ECDSA+SHA512" "RSA+SHA512" "SM2+SM3" "RSA-PSS-RSAE+SHA256" "RSA-PSS-RSAE+SHA384" "RSA-PSS-RSAE+SHA512" "Ed25519" "Ed448" "RSA-PSS-PSS+SHA256" "RSA-PSS-PSS+SHA384" "RSA-PSS-PSS+SHA512" "ECDSA+SHA256" "ECDSA+SHA384" "ECDSA+SHA512") local -a tls13_supported_sigalgs=("false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false") local -a tls12_supported_sigalgs=("false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false") local rsa_cipher="" ecdsa_cipher="" dss_cipher="" @@ -15027,14 +15027,14 @@ parse_tls_serverhello() { if [[ 0x$peering_signing_digest -eq 8 ]] && \ [[ 0x$peer_signature_type -ge 4 ]] && [[ 0x$peer_signature_type -le 11 ]]; then case $peer_signature_type in - 04) peering_signing_digest="SHA256"; peer_signature_type="RSA-PSS" ;; - 05) peering_signing_digest="SHA384"; peer_signature_type="RSA-PSS" ;; - 06) peering_signing_digest="SHA512"; peer_signature_type="RSA-PSS" ;; + 04) peering_signing_digest="SHA256"; peer_signature_type="RSA-PSS-RSAE" ;; + 05) peering_signing_digest="SHA384"; peer_signature_type="RSA-PSS-RSAE" ;; + 06) peering_signing_digest="SHA512"; peer_signature_type="RSA-PSS-RSAE" ;; 07) peering_signing_digest=""; peer_signature_type="Ed25519" ;; 08) peering_signing_digest=""; peer_signature_type="Ed448" ;; - 09) peering_signing_digest="SHA256"; peer_signature_type="RSA-PSS" ;; - 0A) peering_signing_digest="SHA384"; peer_signature_type="RSA-PSS" ;; - 0B) peering_signing_digest="SHA512"; peer_signature_type="RSA-PSS" ;; + 09) peering_signing_digest="SHA256"; peer_signature_type="RSA-PSS-PSS" ;; + 0A) peering_signing_digest="SHA384"; peer_signature_type="RSA-PSS-PSS" ;; + 0B) peering_signing_digest="SHA512"; peer_signature_type="RSA-PSS-PSS" ;; esac if [[ -n "$peering_signing_digest" ]]; then echo "Peer signing digest: $peering_signing_digest" >> $TMPFILE